Cybereason Raises $59M to Bring Its Security Platform to Japan

The new $59 million round of funding led by SoftBank brings total funding to $90.5 million and will lead the security vendor into Japan.

Security vendor Cybereason today announced a $59 million Series C round of funding as it looks to bring the company's security platform to Japan.
"The plan is to offer a new product and solution to the Japanese and Asia Pacific market; part of it could be an MSSP [managed security service provider]," Lior Div, CEO and co-founder of Cybereason, told eWEEK.
The new round of funding, which was led by SoftBank, including the participation of CRV and Spark Capital, brings total funding for Cybereason to $90.5 million. This is the second round of funding for Cybereason this year. In May, the company raised $25 million in a Series B round that included the participation of CRV, Spark Capital and Lockheed Martin.
"The main reason behind Lockheed Martin's Series B investment was that they were a customer of ours and we decided that we could go to market together," Div said.

Div noted that the new SoftBank Series C investment is following the same pattern as Lockheed Martin. SoftBank is a customer of Cybereason and is now partnering and investing to help push the technology further, specifically for the Japanese market.

Cybereason's platform looks at the offensive side of the security challenge that faces modern enterprises, he said—knowing the attacker's point of view in an effort to determine how to disrupt offensive operations.
From a technology perspective, Cybereason's platform uses the concept of "malops" (malicious operations) protection, which makes use of big data analytics running in-memory to perform rapid analysis of threats. Rather than just relying on big data tools such as Apache Hadoop, Cassandra and Spark, Cybereason spent two years building big data technology that enables its platform to find abnormalities and see everything that is going on in an environment at the same time, Div said.
"We developed technology that can consume information in real time from all the endpoints in an environment, processing all the information, allowing us to find abnormalities," he said. "All the data gives us the ability to decide if an attack is in progress or not."
The Cybereason platform also provides users with full visibility into a timeline of attacker activities. Div said that malops is the pattern of attack used by a hacker to breach an organization.
For Cybereason, an attack isn't just about a piece of data leaving an organization without authorization. Div said his company's technology is looking for any type of abnormality that can serve as the first clue that there is some form of malicious activity happening in an organization.
"The Cybereason engine knows how to mark items as evidence, such as a user logging in at abnormal hours," he said.
Div explained that the Cybereason engine takes all evidence and tries to evolve it into what he referred to as a "suspicion." If all the suspicious items evolve further into a pattern of activity, then Div said it's thought off as being a malicious operation in progress.
"We know how to ask 8 million questions a second, and by asking that many questions, we can combine the knowledge into a story," he said.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.